Holy fuck, that's a scorched earth response. That almost seems like a response that doesn't need to be made public knowledge. Collection, monitoring and central management will be down. Chaos and confusion as new processes are onboarded.

On Mon, Dec 14, 2020 at 2:34 PM Robert Andrews <[email protected]> wrote:

> Read through some of this and it will confirm how big a deal it is. And if a service you were wondering about isn't working, there is a decent chance that this is why...
>
> https://cyber.dhs.gov/ed/21-01/
>
> On 12/14/2020 11:52 AM, Ryan Ray wrote:
> > This is a big deal. SolarWinds Orion is a product used in many of the Top 100 companies in the world. Including tons of healthcare.
> >
> > I dislike SolarWinds for many reasons and refused to use them even before this hack. Just add another reason to the list.
> >
> > On Mon, Dec 14, 2020 at 11:49 AM Steve Jones <[email protected]> wrote:
> >
> > So I'm reading this now that SolarWinds updates have been delivering payloads since June or July. SolarWinds having crazy levels of access to interior infrastructures.
> >
> > I'm not sure what this is saying, it sounds like what FireEye isn't saying outwardly is their toolset was stolen prior to that and that was how they were able to circumvent the SolarWinds security infrastructure, as SolarWinds relied on FireEye?
> >
> > Anybody come across any good detail on SolarWinds impacted software? Like if you downloaded the free subnet calculator, will they be taking your Google Home account too? Imma be pretty pissed if they mess with my Google Play playlists.
> >
> > I wonder if the disruptions with Office365 and the weird spam filter changes lately are related to cleanup prior to publication.
> >
> > We are a tiny company and got within a hair of pulling the trigger on various SolarWinds offerings over the years. That's with tiny company tiny budgets. I can't imagine CTO voicemails going down around the world today, depending on budget, you hand the keys over to SolarWinds, and by design, each key you hand over makes sense to spend a little more and hand over another key. How would you even begin to clean up your organization when your systems that would provide you your forensics are the systems that did the damage?
> >
> > Is this just media hype and more Russia Russia Russia, or is this as big of a deal as it seems
> >
> > On Mon, Dec 14, 2020 at 9:01 AM dave <[email protected]> wrote:
> >
> > DA HUMANITY!!
> >
> > On 12/14/20 8:58 AM, Ken Hohhof wrote:
> >>
> >> I had a customer this morning complaining she couldn’t “sign on” to the Internet. I mentioned that Google had an outage this morning, but she responded that she doesn’t use any Google services. Of course her email was from a Gmail address.
> >>
> >> *From:* AF <[email protected]> *On Behalf Of* Mike Hammett
> >> *Sent:* Monday, December 14, 2020 6:54 AM
> >> *To:* AnimalFarm Microwave Users Group <[email protected]>
> >> *Subject:* Re: [AFMUG] Fireye
> >>
> >> "I know I'm next, they're coming after my google home mini and my netflix account."
> >>
> >> aaaaannnndddd Google is broken this morning.
> >>
> >> -----
> >> Mike Hammett
> >> Intelligent Computing Solutions <http://www.ics-il.com/>
> >> Midwest Internet Exchange <http://www.midwest-ix.com/>
> >> The Brothers WISP <http://www.thebrotherswisp.com/>
> >>
> >> ------------------------------------------------------------------------
> >>
> >> *From:* "Steve Jones" <[email protected]>
> >> *To:* "AnimalFarm Microwave Users Group" <[email protected]>
> >> *Sent:* Sunday, December 13, 2020 9:57:21 PM
> >> *Subject:* Re: [AFMUG] Fireye
> >>
> >> Nope, per FireEye, the toolset had to be released because of it being stolen, was not "in the wild"
> >>
> >> Going to get really interesting to see what comes of this, two federal agencies just happen to get hit shortly after. You can do plenty when you know how you would have otherwise been caught.
> >>
> >> And that's all FireEye admits to having been breached. I'm gonna go ahead and not take their word on it definitively having been Russia either. Convenient timing after Iran specifically has stated they're going to retaliate for the dead scientist. China will probably confirm this shortly
> >>
> >> Pretty sure this is far from over and pretty sure this company is just the first to go public.
> >>
> >> I know I'm next, they're coming after my Google Home Mini and my Netflix account.
> >>
> >> On Sun, Dec 13, 2020, 9:10 PM Ken Hohhof <[email protected]> wrote:
> >>
> >> Not saying you are wrong.
> >>
> >> But I think I read somewhere that the FireEye tools that were stolen were a collection of malware already in the wild that they used for testing of client networks. So it was stuff already available, just neatly packaged.
> >>
> >> The guys who really f’d up were the “Equation Group” (cough, cough, NSA) who lost novel and very powerful hacking tools like Eternal Blue to the Shadow Brokers group.
> >>
> >> *From:* AF <[email protected]> *On Behalf Of* Steve Jones
> >> *Sent:* Sunday, December 13, 2020 8:45 PM
> >> *To:* AnimalFarm Microwave Users Group <[email protected]>
> >> *Subject:* [AFMUG] Fireye
> >>
> >> These guys F'd up beyond belief.
> >>
> >> Inept as Jaime would say
> >>
> >> --
> >> AF mailing list
> >> [email protected]
> >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com

--
AF mailing list
[email protected]
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
